0382bbf9e3b441a68e9f2c3a9c662dc8_JaffaCakes118

General

Target

0382bbf9e3b441a68e9f2c3a9c662dc8_JaffaCakes118
Size

436KB
MD5

0382bbf9e3b441a68e9f2c3a9c662dc8
SHA1

0247953f4e0ad484443b90f2063964c7872c3242
SHA256

c56e0714abe31d0265448dd0cc23d0a671421aafe473af1ded6ccb714ab6fa18
SHA512

bc0a01c7b725398e1a17fc57aaa245518b41ee053e5b240bd1ccf401c10fba07eadfd2a18a23396fe6c48357ac87527e5f0d2fcb265ad5b65beddba48d3b72fe
SSDEEP

12288:Eqo5L/YItunKUMfMPz4/DCcMjqnaI9Ri4eFaMJj:EZrriFPzWCcMqaIEaMJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0382bbf9e3b441a68e9f2c3a9c662dc8_JaffaCakes118

Files

0382bbf9e3b441a68e9f2c3a9c662dc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

687c06f7596e84ea881fefa245636a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetLastError
WriteFile
GetEnvironmentStrings
RtlUnwind
MultiByteToWideChar
GetDateFormatA
GetCurrentProcess
IsValidCodePage
VirtualAlloc
TlsSetValue
VirtualProtect
HeapReAlloc
HeapDestroy
EnterCriticalSection
HeapCreate
GetStdHandle
InterlockedExchange
GetModuleFileNameA
GetStringTypeW
LeaveCriticalSection
ExitProcess
GetTimeZoneInformation
LCMapStringW
SetLastError
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
IsValidLocale
GetStartupInfoA
TlsGetValue
QueryPerformanceCounter
DeleteCriticalSection
UnhandledExceptionFilter
GetCPInfo
VirtualQuery
GetCurrentThreadId
GetOEMCP
HeapAlloc
InitializeCriticalSection
HeapFree
CompareStringA
TerminateProcess
GetCurrentProcessId
GetCurrentThread
SetEnvironmentVariableA
LCMapStringA
GetCurrentDirectoryW
TlsFree
GetLocaleInfoW
GetUserDefaultLCID
SetHandleCount
GetStringTypeA
VirtualFree
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetModuleHandleA
EnumSystemLocalesA
GetTimeFormatA
GetCommandLineA
CompareStringW
IsBadWritePtr
GetACP
FreeEnvironmentStringsW
GetLocaleInfoA
TlsAlloc
GetProcAddress
GetVersionExA
HeapSize
GetFileType

shell32

SHGetMalloc
FindExecutableA
SHGetDesktopFolder
ExtractAssociatedIconA
FreeIconList

comdlg32

ChooseColorA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

687c06f7596e84ea881fefa245636a87

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

Sections

.text Size: 156KB - Virtual size: 155KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 156KB - Virtual size: 155KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 6KB - Virtual size: 6KB